US20020099956A1 - Information processing apparatus and storage medium - Google Patents
Information processing apparatus and storage medium Download PDFInfo
- Publication number
- US20020099956A1 US20020099956A1 US10/101,057 US10105702A US2002099956A1 US 20020099956 A1 US20020099956 A1 US 20020099956A1 US 10105702 A US10105702 A US 10105702A US 2002099956 A1 US2002099956 A1 US 2002099956A1
- Authority
- US
- United States
- Prior art keywords
- input
- section
- registered
- information processing
- processing apparatus
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Definitions
- the present invention generally relates to information processing apparatuses and storage media, and more particularly to an information processing apparatus which has a security function and a computer-readable storage medium which stores a program for causing a computer to have a security function.
- a method is proposed in which a desktop personal computer is equipped with a lock, for example. In this case, it is impossible to turn ON the personal computer unless an authorized user opens the lock.
- a more specific object of the present invention is to provide an information processing apparatus having a security function which can relatively easily and positively prevent an unauthorized user from using the information processing apparatus illegally, and to provide a computer-readable storage medium which stores a program for causing a computer to have such a security function.
- Another object of the present invention is to provide the information processing apparatus which includes an input section which inputs information and instruction, a comparing section which compares an input operation pattern from said input section with one or a plurality of registered operation patterns which are registered in advance depending on the operation mode, and a control section which controls the operation mode to a state where an operation from said input section is impossible based on a comparison result of said comparison section.
- the information processing apparatus of the present invention it is possible to relatively easily and positively prevent an unauthorized user from using the information processing apparatus illegally.
- Another object of the present invention is to provide a computer-readable storage medium which stores a program for causing a computer to have a security function, and causes the computer to carry out a comparing procedure which compares an input operation pattern with one or a plurality of registered operation patterns depending on an operation mode of the computer, and a control procedure which controls the operation mode to a state where the input operation is impossible based on a comparison result of said comparing procedure.
- a computer-readable storage medium which stores a program for causing a computer to have a security function, and causes the computer to carry out a comparing procedure which compares an input operation pattern with one or a plurality of registered operation patterns depending on an operation mode of the computer, and a control procedure which controls the operation mode to a state where the input operation is impossible based on a comparison result of said comparing procedure.
- FIG. 1 is a perspective view showing an embodiment of an information processing apparatus according to the present invention
- FIG. 2 is a block diagram showing the structure of an important part of a main body shown in FIG. 1;
- FIG. 3 is a flow chart for explaining the operation of a CPU
- FIG. 4 is a block diagram showing a power circuit section
- FIG. 5 is a flow chart for explaining an input operation pattern registration process of the CPU
- FIG. 6 is a diagram showing an input operation pattern register/delete screen
- FIG. 7 is a diagram showing a registration select screen which is displayed when a register button is selected
- FIG. 8 is a diagram showing a registration screen which is displayed when a security selecting button for selecting security during the power-ON state is selected;
- FIG. 9 is a diagram showing an input operation pattern which is registered after the registration is stated.
- FIG. 10 is a diagram showing a screen for setting the time when the power can be turned ON, which is displayed when a setting button for setting the time when the power can be turned ON is selected;
- FIG. 11 is a diagram showing a condition setting screen which is displayed when a condition setting button in a registration screen is selected.
- FIG. 12 is a diagram showing an input operation pattern which is registered after the registration is started.
- FIG. 1 is a perspective view showing an embodiment of an information processing apparatus according to the present invention.
- the present invention is applied to a desktop computer system.
- the present invention may also be similarly applied to a portable computer system and the like.
- a computer system 100 shown in FIG. 1 is generally provided with a main body 101 which includes a CPU, a disk drive and the like, a display 102 which includes a display screen 102 a for displaying an image in response to an instruction from the main body 101 , a keyboard 103 which is used to input various information to the computer system 100 , a mouse 104 which is used to specify an arbitrary position on the display screen 102 a of the display 102 , and a modem 105 which is used to access an external database or the like and to download programs or the like stored in another computer system.
- a main body 101 which includes a CPU, a disk drive and the like
- a display 102 which includes a display screen 102 a for displaying an image in response to an instruction from the main body 101
- a keyboard 103 which is used to input various information to the computer system 100
- a mouse 104 which is used to specify an arbitrary position on the display screen 102 a of the display 102
- a modem 105 which is used
- a program which causes the computer system 100 to have a security function and is stored in a portable storage medium such as a disk 110 or, is downloaded from a storage medium 106 of another computer system using a communication unit such as the modem 105 , is input to the computer system 100 and compiled.
- a computer-readable storage medium according to the present invention is formed by a recording medium, such as the disk 110 , which stores the program.
- the recording medium forming the storage medium according to the present invention is not limited to portable recording media such as the disk 110 , IC card memory, floppy disk, magneto-optical disk and CD-ROM, but also includes various kinds of recording media which are accessible by a computer system which is coupled via the communication unit or communication means such as the modem 105 and LAN.
- FIG. 2 is a block diagram for explaining the structure of an important part within the main body 101 of the computer system 100 .
- the main body 101 generally includes a CPU 201 , a memory section 202 made of RAM, ROM or the like, a disk drive 203 for the disk 110 , and a hard disk drive 204 which are connected via a bus 200 .
- the display 102 , the keyboard 103 , the mouse 104 and the like may be connected to the CPU 201 via the bus 200 or, connected directly to the CPU 201 , although the illustration thereof will be omitted.
- the structure of the computer system 100 is not limited to that shown in FIGS. 1 and 2, and various other known structures may be used instead.
- FIG. 3 is a flow chart for explaining the operation of CPU 201 of this embodiment.
- a step S 1 decides whether or not an input operation pattern is registered. If the decision result in the step S 1 is NO, the process advances to a step S 21 which is described later. It will be assumed for the sake of convenience that the input operation pattern is registered, and the process from and after the step S 1 will be described.
- a step S 2 starts a security process and a step S 3 decides whether or not a security trigger exists.
- the security is triggered when the power is turned ON and the computer system 100 is started, when an operation mode is switched from a suspend mode to a resume mode, when there is no input from the keyboard 103 , the mouse 104 and the modem 105 for a predetermined time in a specific operation mode or, when a camera, an infrared sensor or the like detects that a user is not in an operating position of the computer system 100 , or the like, for example.
- a step S 4 decides whether or not the power of the computer system 100 is OFF.
- a step S 5 decides whether or not the power is turned ON. If the decision result in the step S 5 is YES, a step S 6 detects the input operation pattern.
- the input operation pattern refers to a pattern of a plurality of operations carried out with respect to the computer system 100 by making inputs from at least one of the keyboard 103 , the mouse 104 and the modem 105 .
- the input operation pattern may be such that an order of the operations is completely fixed or, an order includes at least a part of random order where the order of the operations may be changed. For example, the input operation pattern starts a second application after a first application is started and thereafter starts a third application.
- a step S 7 compares the input operation pattern with the input operation patterns immediately after the power is turned ON which are registered in the memory section 202 or the like in advance, that is, compares the input operation pattern with the registered operation patterns with respect to the operation mode immediately after the power is turned ON.
- One or more operation patterns may be registered.
- the input operation pattern is compared with all of the registered operation patterns to search for a matching registered operation pattern.
- a step S 8 decides whether or not the input operation pattern and the compared registered operation pattern match. If the decision result in the step S 8 is YES, a step S 9 cancels the security process and the process ends.
- step S 10 notifies the computer system 100 of unauthorized use.
- the unauthorized use is notified by displaying a message on the display 102 , transmitting a message to another computer system via the modem 105 , or outputting a buzzer sound or a voice message in the main body 101 .
- a step S 11 automatically shuts down the computer system 100 and the process ends.
- the power of the computer system 100 is automatically turned OFF by the shutdown.
- a method such as locking the keyboard 103 , for example so that the computer system 100 is controlled to a state where the input operation is impossible.
- the step S 10 may inform the state where the input operation is impossible and/or the prohibition of restart.
- a step S 16 detects the input operation pattern.
- a step S 17 compares the input operation pattern with the input operation patterns in the power-ON state which are registered in the memory section 202 or the like in advance, that is, the registered operation patterns for the operation mode after a predetermined time elapses from the power-ON state.
- the operation mode after the predetermined time elapses from the power-ON state refers to a state where one or more applications are started, a state where a screen saver is in operation, a state where no input operation is performed for a predetermined time since the last input operation, or the like. Also in this case, one or more registered operation patterns may be registered.
- step S 18 decides whether or not the input operation pattern and the compared registered operation pattern match. If the decision result in the step S 18 is YES, the step S 9 cancels the security process and the process ends as described above. On the other hand, if the decision result in the step S 18 is NO, the above-described steps S 10 and S 11 are carried out simultaneously.
- the steps S 8 and S 11 compare the input operation pattern with the registered operation patterns and decide whether or not the patterns are the same. However, as a modification, the steps S 8 and S 11 may judge whether or not a difference between the input operation pattern and the registered operation pattern is within a tolerable range. For example, in a case where registered operation patterns A, B, C and D are registered, the difference may be judged as being within the tolerable range when the input operation pattern starts from A, B and C, when the input operation pattern starts from at least A and B and ends with D, or when the input operation pattern includes A, B, C and D regardless of the order.
- FIG. 4 is a block diagram showing a power circuit section in the main body 101 of the computer system 100 .
- the power circuit section includes a power switch 21 , a power circuit 22 , a security lock section 23 and a security lock releasing section 24 , and is connected to the CPU 201 as shown in the FIG. 4.
- the power circuit 22 supplies a power source voltage to at least the security lock releasing section 24 irrespective of the operation mode.
- the security lock section 23 supplies the power source voltage from the power circuit 22 to the CPU 201 when the power switch 21 is turned ON in the state where the lock is released, and the computer system 100 assumes the power-ON state.
- the security lock section 23 assumes the locked state in response to the shutdown signal. In this locked state, the security lock section 23 cuts off the supply of the power source voltage from the power circuit 22 to the CPU 201 , even when the power switch 21 is turned ON.
- the security lock releasing section 24 is provided so as to set the security lock section 23 in the locked state to the lock released state. Even if the computer system 100 is in the shutdown state, the security lock releasing section 24 generates a lock releasing signal in response to a reset signal which is generated by events such as when a reset switch 25 which is provided at a predetermined part of the computer system 100 is manipulated or, when a plurality of keys on the keyboard 103 are pressed in a predetermined sequence or pressed simultaneously.
- the security lock section 23 which is in the locked state is controlled to the lock released state in response to the lock releasing signal.
- step S 21 carries out the registration process of the input operation pattern, and the process returns to the step S 1 .
- the registration of the input operation pattern may be carried out by a manual register operation or, may be carried out automatically by causing the CPU 201 to monitor the operation ordinarily made by the authorized user.
- FIG. 5 is a flow chart for explaining the registration process of the input operation pattern of the CPU 201 .
- a step S 31 starts a pattern registration program to cause the CPU 201 to register the input operation pattern.
- the pattern registration program may be included in the program (security software) which causes the computer system 100 to have the security function or, may be a separate program.
- the computer-readable storage medium of the present invention may store this pattern registration program.
- a step S 32 displays a message on the display 102 which prompts input of the ID of the authorized user and the password, and inputs the ID and password input from the keyboard 103 .
- a step S 33 confirms whether or not the input ID and password match the registered ID and password by a known method, and if they match, displays a screen 41 such as that shown in FIG. 6 on the display 102 and enables the pattern registration. When the registration operation ends in this state, the process shown in FIG. 5 ends.
- FIG. 6 is a diagram showing an input operation pattern register/delete screen 41 .
- the pattern register/delete screen 41 displays a register button 41 - 1 , a delete button 41 - 2 , a confirm button 41 - 3 , an end button 41 - 4 , a cancel button 41 - 5 , a security start button 41 - 6 and a security stop button 41 - 7 , and a corresponding process starts when a button is clicked and selected by the mouse 104 .
- FIG. 7 is a diagram showing a registration select screen 42 which is displayed on the display 102 when the register button 41 - 1 is selected.
- the registration select screen 42 displays a selecting button 42 - 1 for selecting security during the power-ON state and a selecting button 42 - 2 for making the security valid in the suspend or other operation modes, that is, under other conditions.
- FIG. 8 is a diagram showing a registration screen 43 which is displayed on the display 102 when the selecting button 42 - 1 for selecting security during the power-ON state is selected.
- the registration screen 43 displays a registration start button 43 - 1 , a registration end button 43 - 2 , a confirm button 43 - 3 , an end button 43 - 4 , a cancel button 43 - 5 , a setting button 43 - 6 for setting the time when the power can be turned ON, and a condition setting button 43 - 7 .
- the input operation by the authorized user is monitored from the time when the registration start button 43 - 1 is selected to the time when the registration end button 43 - 2 is selected, and the input pattern such as that shown in FIG. 9 is registered, for example.
- FIG. 9 is a diagram showing the input pattern which is registered after the registration is stated, and shows a case where the input operation pattern includes ten input operations.
- FIG. 10 is a diagram showing a screen 44 for setting the time when the power can be turned ON, which is displayed on the display 102 when the setting button 43 - 6 in the registration screen 43 is selected.
- the screen 44 displays the date, time and the like, and the authorized user sets the conditions which enable the power to be turned ON.
- the continuous operation of the computer system 100 becomes possible only during the time which is set and when the power can be turned ON or, when the difference between the input operation pattern and the registered operation pattern which is registered for the security during the power-ON state is within a tolerable range.
- FIG. 11 is a diagram showing a condition setting screen 45 which is displayed on the display 102 when the condition setting button 43 - 7 in the registration screen 43 is selected.
- the condition setting screen 45 displays a button 45 - 1 for validating the order of the registered operation pattern, a button 45 - 2 for displaying an input request for the input operation pattern, a button 45 - 3 for invalidating the order of the registered operation pattern, and a button 45 - 4 for not displaying the input request for the input operation pattern.
- buttons 45 - 1 for validating the order of the registered operation pattern are selected, the tolerable range of the difference between the input operation pattern and the registered operation pattern becomes narrower, and the computer system 100 is shut down unless these two operation patterns match.
- the button 45 - 3 for invalidating the order of the registered operation pattern is selected, the tolerable range of the difference between the input operation pattern and the registered operation pattern becomes wider, and the continuous operation of the computer system 100 is possible as long as the same operations are performed in an arbitrary order even if these two patterns do not match completely.
- buttons 45 - 2 and 45 - 4 it is possible to display the input request for the input operation pattern, and to prompt the user to operate with the input operation pattern.
- the button 45 - 4 for not displaying the input request is selected, the unauthorized user can not recognize that the security is in operation.
- FIG. 12 is a diagram showing the input operation pattern which is registered after the registration is started, and shows a case where the input operation pattern including five input operations is registered.
- the authorized user can register the input operation pattern in order to realize the security with very easy operation with hardly being conscious of the registration operation.
- the security is canceled automatically by merely performing the operations as usual without being conscious of the security cancel operation, and without the need for operations such as opening the key or inputting the password in order to cancel the security.
- the registered operation pattern may be updated regularly by providing a learning function in the information processing apparatus.
Abstract
An information processing apparatus is constructed to include an input section which inputs information and instruction, a comparing section which compares an input operation pattern from the input section with one or a plurality of registered operation patterns which are registered in advance depending on the operation mode, and a control section which controls the operation mode to a state where the operation from the input section is impossible based on a comparison result of the comparing section.
Description
- The present invention generally relates to information processing apparatuses and storage media, and more particularly to an information processing apparatus which has a security function and a computer-readable storage medium which stores a program for causing a computer to have a security function.
- Recently, with the spread and the improvement in performance of personal computers, strengthened security for preventing an unauthorized user other than an authorized user of the personal computer from using the personal computer illegally, and rewriting, deleting and copying data has become of a greater demand.
- As a first example of a conventional security method, a method is proposed in which a desktop personal computer is equipped with a lock, for example. In this case, it is impossible to turn ON the personal computer unless an authorized user opens the lock.
- Also, as a second example of the conventional security method, a method is proposed in which the starting of the BIOS or OS or, resuming from the screensaver is prohibited unless a password is input from a keyboard of the personal computer. In this case, it is impossible to use the personal computer without inputting of correct password.
- However, in the first example, there was a problem in that even an authorized user could not use the personal computer when the user forgets to bring or loses the key. In addition, there was also a problem in that it becomes possible for an unauthorized user to use the personal computer when the key is stolen or duplicated.
- On the other hand, in the second example, it is possible to use the personal computer as long as the authorized user does not forget the password. However, there was a problem in that password is likely to be set to a number that is easy to remember, such as the birth date of the authorized user and the like, so as not to forget the password. Thus, there was a danger in that the password may be presumed relatively easily by an unauthorized user. For this reason, there was a problem in that it becomes possible for the unauthorized user to use the personal computer when the unauthorized user correctly presumes the password.
- Further, in the first and second examples, there was a problem in that, after the personal computer once becomes usable by use of the key or the input of the password, it is possible for any person to use the personal computer while the authorized user is not at his seat.
- In addition, it is conceivable to use a plurality of locks, a long password or a plurality of passwords, or further, a combination of the lock and the password. However, in each of these conceivable cases, since the operation required by the user becomes complex, the operability of the personal computer deteriorates and at the same time, the load on the user becomes large.
- Hence, it is a general object of the present invention to provide a novel and useful information processing apparatus and storage medium, in which the above-described problems are solved.
- A more specific object of the present invention is to provide an information processing apparatus having a security function which can relatively easily and positively prevent an unauthorized user from using the information processing apparatus illegally, and to provide a computer-readable storage medium which stores a program for causing a computer to have such a security function.
- Another object of the present invention is to provide the information processing apparatus which includes an input section which inputs information and instruction, a comparing section which compares an input operation pattern from said input section with one or a plurality of registered operation patterns which are registered in advance depending on the operation mode, and a control section which controls the operation mode to a state where an operation from said input section is impossible based on a comparison result of said comparison section. According to the information processing apparatus of the present invention, it is possible to relatively easily and positively prevent an unauthorized user from using the information processing apparatus illegally.
- Another object of the present invention is to provide a computer-readable storage medium which stores a program for causing a computer to have a security function, and causes the computer to carry out a comparing procedure which compares an input operation pattern with one or a plurality of registered operation patterns depending on an operation mode of the computer, and a control procedure which controls the operation mode to a state where the input operation is impossible based on a comparison result of said comparing procedure. According to the storage medium of the present invention, it is possible to relatively easily and positively prevent an unauthorized user from using the computer illegally.
- Other objects and further features of the present invention will be apparent from the following detailed description when read in conjunction with the accompanying drawings.
- FIG. 1 is a perspective view showing an embodiment of an information processing apparatus according to the present invention;
- FIG. 2 is a block diagram showing the structure of an important part of a main body shown in FIG. 1;
- FIG. 3 is a flow chart for explaining the operation of a CPU;
- FIG. 4 is a block diagram showing a power circuit section;
- FIG. 5 is a flow chart for explaining an input operation pattern registration process of the CPU;
- FIG. 6 is a diagram showing an input operation pattern register/delete screen;
- FIG. 7 is a diagram showing a registration select screen which is displayed when a register button is selected;
- FIG. 8 is a diagram showing a registration screen which is displayed when a security selecting button for selecting security during the power-ON state is selected;
- FIG. 9 is a diagram showing an input operation pattern which is registered after the registration is stated;
- FIG. 10 is a diagram showing a screen for setting the time when the power can be turned ON, which is displayed when a setting button for setting the time when the power can be turned ON is selected;
- FIG. 11 is a diagram showing a condition setting screen which is displayed when a condition setting button in a registration screen is selected; and
- FIG. 12 is a diagram showing an input operation pattern which is registered after the registration is started.
- FIG. 1 is a perspective view showing an embodiment of an information processing apparatus according to the present invention. In this embodiment, the present invention is applied to a desktop computer system. However, the present invention may also be similarly applied to a portable computer system and the like.
- A
computer system 100 shown in FIG. 1 is generally provided with amain body 101 which includes a CPU, a disk drive and the like, adisplay 102 which includes adisplay screen 102 a for displaying an image in response to an instruction from themain body 101, akeyboard 103 which is used to input various information to thecomputer system 100, amouse 104 which is used to specify an arbitrary position on thedisplay screen 102 a of thedisplay 102, and amodem 105 which is used to access an external database or the like and to download programs or the like stored in another computer system. - A program (security software) which causes the
computer system 100 to have a security function and is stored in a portable storage medium such as adisk 110 or, is downloaded from astorage medium 106 of another computer system using a communication unit such as themodem 105, is input to thecomputer system 100 and compiled. A computer-readable storage medium according to the present invention is formed by a recording medium, such as thedisk 110, which stores the program. The recording medium forming the storage medium according to the present invention is not limited to portable recording media such as thedisk 110, IC card memory, floppy disk, magneto-optical disk and CD-ROM, but also includes various kinds of recording media which are accessible by a computer system which is coupled via the communication unit or communication means such as themodem 105 and LAN. - FIG. 2 is a block diagram for explaining the structure of an important part within the
main body 101 of thecomputer system 100. In FIG. 2, themain body 101 generally includes aCPU 201, amemory section 202 made of RAM, ROM or the like, adisk drive 203 for thedisk 110, and ahard disk drive 204 which are connected via abus 200. In addition, thedisplay 102, thekeyboard 103, themouse 104 and the like may be connected to theCPU 201 via thebus 200 or, connected directly to theCPU 201, although the illustration thereof will be omitted. - Of course, the structure of the
computer system 100 is not limited to that shown in FIGS. 1 and 2, and various other known structures may be used instead. - FIG. 3 is a flow chart for explaining the operation of
CPU 201 of this embodiment. In FIG. 3, a step S1 decides whether or not an input operation pattern is registered. If the decision result in the step S1 is NO, the process advances to a step S21 which is described later. It will be assumed for the sake of convenience that the input operation pattern is registered, and the process from and after the step S1 will be described. - If the decision result in the step S1 is YES, a step S2 starts a security process and a step S3 decides whether or not a security trigger exists. The security is triggered when the power is turned ON and the
computer system 100 is started, when an operation mode is switched from a suspend mode to a resume mode, when there is no input from thekeyboard 103, themouse 104 and themodem 105 for a predetermined time in a specific operation mode or, when a camera, an infrared sensor or the like detects that a user is not in an operating position of thecomputer system 100, or the like, for example. If the decision result in the step S3 is YES, a step S4 decides whether or not the power of thecomputer system 100 is OFF. - If the decision result in the step S4 is YES, a step S5 decides whether or not the power is turned ON. If the decision result in the step S5 is YES, a step S6 detects the input operation pattern. The input operation pattern refers to a pattern of a plurality of operations carried out with respect to the
computer system 100 by making inputs from at least one of thekeyboard 103, themouse 104 and themodem 105. The input operation pattern may be such that an order of the operations is completely fixed or, an order includes at least a part of random order where the order of the operations may be changed. For example, the input operation pattern starts a second application after a first application is started and thereafter starts a third application. - A step S7 compares the input operation pattern with the input operation patterns immediately after the power is turned ON which are registered in the
memory section 202 or the like in advance, that is, compares the input operation pattern with the registered operation patterns with respect to the operation mode immediately after the power is turned ON. One or more operation patterns may be registered. In a case where a plurality of registered operation patterns are registered, the input operation pattern is compared with all of the registered operation patterns to search for a matching registered operation pattern. A step S8 decides whether or not the input operation pattern and the compared registered operation pattern match. If the decision result in the step S8 is YES, a step S9 cancels the security process and the process ends. - On the other hand, if the decision result in the step S8 is NO, steps S10 and S11 are carried out simultaneously. A step S10 notifies the
computer system 100 of unauthorized use. The unauthorized use is notified by displaying a message on thedisplay 102, transmitting a message to another computer system via themodem 105, or outputting a buzzer sound or a voice message in themain body 101. In addition, a step S11 automatically shuts down thecomputer system 100 and the process ends. - In this embodiment, the power of the
computer system 100 is automatically turned OFF by the shutdown. However, instead of performing the shutdown automatically, it is possible to employ a method such as locking thekeyboard 103, for example so that thecomputer system 100 is controlled to a state where the input operation is impossible. The point is, if the unauthorized use is detected, to control thecomputer system 100 to a state where the input operation is impossible by locking thekeyboard 103, turning the power OFF or the like, and thecomputer system 100 may further be prohibited from being restarted. In addition, in a case where the restart of thecomputer system 100 is prohibited, the step S10 may inform the state where the input operation is impossible and/or the prohibition of restart. - On the other hand, if the decision result in the step S4 is NO, a step S16 detects the input operation pattern. A step S17 compares the input operation pattern with the input operation patterns in the power-ON state which are registered in the
memory section 202 or the like in advance, that is, the registered operation patterns for the operation mode after a predetermined time elapses from the power-ON state. The operation mode after the predetermined time elapses from the power-ON state refers to a state where one or more applications are started, a state where a screen saver is in operation, a state where no input operation is performed for a predetermined time since the last input operation, or the like. Also in this case, one or more registered operation patterns may be registered. In addition, in a case where a plurality of registered operation patterns are registered, the input operation pattern is compared with all of the registered operation patterns to search for the matching registered operation pattern. Thus, one or more registered operation patterns are registered in advance for each operation mode. A step S18 decides whether or not the input operation pattern and the compared registered operation pattern match. If the decision result in the step S18 is YES, the step S9 cancels the security process and the process ends as described above. On the other hand, if the decision result in the step S18 is NO, the above-described steps S10 and S11 are carried out simultaneously. - The steps S8 and S11 compare the input operation pattern with the registered operation patterns and decide whether or not the patterns are the same. However, as a modification, the steps S8 and S11 may judge whether or not a difference between the input operation pattern and the registered operation pattern is within a tolerable range. For example, in a case where registered operation patterns A, B, C and D are registered, the difference may be judged as being within the tolerable range when the input operation pattern starts from A, B and C, when the input operation pattern starts from at least A and B and ends with D, or when the input operation pattern includes A, B, C and D regardless of the order.
- FIG. 4 is a block diagram showing a power circuit section in the
main body 101 of thecomputer system 100. The power circuit section includes apower switch 21, apower circuit 22, asecurity lock section 23 and a securitylock releasing section 24, and is connected to theCPU 201 as shown in the FIG. 4. - The
power circuit 22 supplies a power source voltage to at least the securitylock releasing section 24 irrespective of the operation mode. Thesecurity lock section 23 supplies the power source voltage from thepower circuit 22 to theCPU 201 when thepower switch 21 is turned ON in the state where the lock is released, and thecomputer system 100 assumes the power-ON state. On the other hand, if a shutdown signal for automatically making the shutdown is generated in the above-mentioned step S11, thesecurity lock section 23 assumes the locked state in response to the shutdown signal. In this locked state, thesecurity lock section 23 cuts off the supply of the power source voltage from thepower circuit 22 to theCPU 201, even when thepower switch 21 is turned ON. - The security
lock releasing section 24 is provided so as to set thesecurity lock section 23 in the locked state to the lock released state. Even if thecomputer system 100 is in the shutdown state, the securitylock releasing section 24 generates a lock releasing signal in response to a reset signal which is generated by events such as when areset switch 25 which is provided at a predetermined part of thecomputer system 100 is manipulated or, when a plurality of keys on thekeyboard 103 are pressed in a predetermined sequence or pressed simultaneously. Thesecurity lock section 23 which is in the locked state is controlled to the lock released state in response to the lock releasing signal. - Next, a registration process of the input operation pattern will be described. In FIG. 3, if the decision result in the step S1 is NO, the step S21 carries out the registration process of the input operation pattern, and the process returns to the step S1. The registration of the input operation pattern may be carried out by a manual register operation or, may be carried out automatically by causing the
CPU 201 to monitor the operation ordinarily made by the authorized user. - FIG. 5 is a flow chart for explaining the registration process of the input operation pattern of the
CPU 201. In FIG. 5, a step S31 starts a pattern registration program to cause theCPU 201 to register the input operation pattern. The pattern registration program may be included in the program (security software) which causes thecomputer system 100 to have the security function or, may be a separate program. The computer-readable storage medium of the present invention may store this pattern registration program. - A step S32 displays a message on the
display 102 which prompts input of the ID of the authorized user and the password, and inputs the ID and password input from thekeyboard 103. A step S33 confirms whether or not the input ID and password match the registered ID and password by a known method, and if they match, displays ascreen 41 such as that shown in FIG. 6 on thedisplay 102 and enables the pattern registration. When the registration operation ends in this state, the process shown in FIG. 5 ends. - FIG. 6 is a diagram showing an input operation pattern register/delete
screen 41. The pattern register/deletescreen 41 displays a register button 41-1, a delete button 41-2, a confirm button 41-3, an end button 41-4, a cancel button 41-5, a security start button 41-6 and a security stop button 41-7, and a corresponding process starts when a button is clicked and selected by themouse 104. - FIG. 7 is a diagram showing a registration
select screen 42 which is displayed on thedisplay 102 when the register button 41-1 is selected. The registration selectscreen 42 displays a selecting button 42-1 for selecting security during the power-ON state and a selecting button 42-2 for making the security valid in the suspend or other operation modes, that is, under other conditions. - FIG. 8 is a diagram showing a
registration screen 43 which is displayed on thedisplay 102 when the selecting button 42-1 for selecting security during the power-ON state is selected. Theregistration screen 43 displays a registration start button 43-1, a registration end button 43-2, a confirm button 43-3, an end button 43-4, a cancel button 43-5, a setting button 43-6 for setting the time when the power can be turned ON, and a condition setting button 43-7. - In this embodiment, the input operation by the authorized user is monitored from the time when the registration start button43-1 is selected to the time when the registration end button 43-2 is selected, and the input pattern such as that shown in FIG. 9 is registered, for example. FIG. 9 is a diagram showing the input pattern which is registered after the registration is stated, and shows a case where the input operation pattern includes ten input operations.
- FIG. 10 is a diagram showing a
screen 44 for setting the time when the power can be turned ON, which is displayed on thedisplay 102 when the setting button 43-6 in theregistration screen 43 is selected. Thescreen 44 displays the date, time and the like, and the authorized user sets the conditions which enable the power to be turned ON. Hence, the continuous operation of thecomputer system 100 becomes possible only during the time which is set and when the power can be turned ON or, when the difference between the input operation pattern and the registered operation pattern which is registered for the security during the power-ON state is within a tolerable range. - FIG. 11 is a diagram showing a
condition setting screen 45 which is displayed on thedisplay 102 when the condition setting button 43-7 in theregistration screen 43 is selected. Thecondition setting screen 45 displays a button 45-1 for validating the order of the registered operation pattern, a button 45-2 for displaying an input request for the input operation pattern, a button 45-3 for invalidating the order of the registered operation pattern, and a button 45-4 for not displaying the input request for the input operation pattern. - If the button45-1 for validating the order of the registered operation pattern is selected, the tolerable range of the difference between the input operation pattern and the registered operation pattern becomes narrower, and the
computer system 100 is shut down unless these two operation patterns match. In addition, if the button 45-3 for invalidating the order of the registered operation pattern is selected, the tolerable range of the difference between the input operation pattern and the registered operation pattern becomes wider, and the continuous operation of thecomputer system 100 is possible as long as the same operations are performed in an arbitrary order even if these two patterns do not match completely. - On the other hand, if the button45-2 is selected, it is possible to display the input request for the input operation pattern, and to prompt the user to operate with the input operation pattern. In addition, if the button 45-4 for not displaying the input request is selected, the unauthorized user can not recognize that the security is in operation.
- In addition, in the registration
select screen 42 shown in FIG. 7, if the selecting button 42-2 is selected, the security is validated in the suspend or other operation modes, that is, under other conditions. In this case, the input operation by the authorized user from the time when the registration start button 43-1 in theregistration screen 43 shown in FIG. 8 is selected to the time when the registration complete button 43-2 is selected is monitored, and the input operation pattern such as that shown in FIG. 12 is registered. FIG. 12 is a diagram showing the input operation pattern which is registered after the registration is started, and shows a case where the input operation pattern including five input operations is registered. - As described above, according to this embodiment, the authorized user can register the input operation pattern in order to realize the security with very easy operation with hardly being conscious of the registration operation. In addition, the security is canceled automatically by merely performing the operations as usual without being conscious of the security cancel operation, and without the need for operations such as opening the key or inputting the password in order to cancel the security.
- Further, the registered operation pattern may be updated regularly by providing a learning function in the information processing apparatus.
- Further, the present invention is not limited to these embodiments, but various variations and modifications may be made without departing from the scope of the present invention.
Claims (7)
1. An information processing apparatus comprising:
an input section which inputs information and instruction;
a comparing section which compares an input operation pattern from said input section with one or a plurality of registered operation patterns which are registered in advance, depending on the operation mode; and
a control section which controls the operation mode to a state where the operation from said input section is impossible based on a comparison result of said comparison section.
2. The information processing apparatus as claimed in claim 1 , wherein said comparing section outputs a match signal if a difference between the input operation pattern from said input section and the one or plurality of registered operation patterns is within a tolerable range, and said control section controls the operation mode to the state where said operation is impossible in response to said match signal.
3. The information processing apparatus as claimed in claim 1 or 2, wherein said control section controls the operation mode to the state where said operation is impossible, and at the same time, prohibits a restart of the information processing apparatus.
4. The information processing apparatus as claimed in any of claims 1 to 3 , which further comprises a notifying section which notifies the state where said operation is impossible and/or the prohibition of restart.
5. The information processing apparatus as claimed in any of claims 1 to 4 , which further comprises a canceling section which cancels the state where said operation is impossible and/or the prohibition of restart.
6. The information processing apparatus as claimed in any of claims 1 to 5 , which further comprises a registration part which stores the input operation pattern from said input section and automatically registers said one or plurality of registered operation patterns.
7. A computer-readable storage medium which stores a program for causing a computer to have a security function, said program causing the computer to carry out:
a comparing procedure which compares an input operation pattern with one or a plurality of registered operation patterns depending on an operation mode of the computer; and
a control procedure which controls the operation mode to a state where the input operation is impossible based on a comparison result of said comparing procedure.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP1999/006518 WO2001039099A1 (en) | 1999-11-22 | 1999-11-22 | Information processor and storage medium |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP1999/006518 Continuation WO2001039099A1 (en) | 1999-11-22 | 1999-11-22 | Information processor and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
US20020099956A1 true US20020099956A1 (en) | 2002-07-25 |
Family
ID=14237367
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/101,057 Abandoned US20020099956A1 (en) | 1999-11-22 | 2002-03-20 | Information processing apparatus and storage medium |
Country Status (2)
Country | Link |
---|---|
US (1) | US20020099956A1 (en) |
WO (1) | WO2001039099A1 (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050071698A1 (en) * | 2003-09-30 | 2005-03-31 | Kangas Paul Daniel | Apparatus, system, and method for autonomic power adjustment in an electronic device |
US20050278780A1 (en) * | 2004-06-12 | 2005-12-15 | Krishna Girish R | System and method for monitoring processing in a document processing peripheral |
US20070044140A1 (en) * | 2005-08-18 | 2007-02-22 | Fujitsu Limited | Program, system and method for authenticating permission to use a computer system and inhibiting access to an unauthorized user |
US20090100526A1 (en) * | 2003-07-10 | 2009-04-16 | Mitac Technology Corp. | Portable computer and security operating method thereof |
US20120212511A1 (en) * | 2005-04-06 | 2012-08-23 | Sony Corporation | Reproducing device, setting changing method, and setting changing device |
US20170060263A1 (en) * | 2014-07-29 | 2017-03-02 | Hewlett-Packard Development Company, L.P. | Display Device |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9406032B2 (en) | 2001-08-21 | 2016-08-02 | Bookit Oy Ajanvarauspalvelu | Financial fraud prevention method and system |
JP4064647B2 (en) | 2001-08-24 | 2008-03-19 | 富士通株式会社 | Information processing apparatus and input operation apparatus |
JP4922421B2 (en) * | 2010-02-23 | 2012-04-25 | 株式会社バッファロー | External hard disk storage device, external hard disk storage device control method, and external hard disk storage device control program |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5705982A (en) * | 1996-08-01 | 1998-01-06 | North America Technitron Corporation | Intrusion detection, register and indication apparatus |
US6054928A (en) * | 1998-06-04 | 2000-04-25 | Lemelson Jerome H. | Prisoner tracking and warning system and corresponding methods |
US6256737B1 (en) * | 1999-03-09 | 2001-07-03 | Bionetrix Systems Corporation | System, method and computer program product for allowing access to enterprise resources using biometric devices |
US6279113B1 (en) * | 1998-03-16 | 2001-08-21 | Internet Tools, Inc. | Dynamic signature inspection-based network intrusion detection |
US6370648B1 (en) * | 1998-12-08 | 2002-04-09 | Visa International Service Association | Computer network intrusion detection |
US6405318B1 (en) * | 1999-03-12 | 2002-06-11 | Psionic Software, Inc. | Intrusion detection system |
US6442692B1 (en) * | 1998-07-21 | 2002-08-27 | Arkady G. Zilberman | Security method and apparatus employing authentication by keystroke dynamics |
US6895514B1 (en) * | 1999-06-25 | 2005-05-17 | Lucent Technologies Inc. | Method and apparatus for achieving secure password access |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPS63148359A (en) * | 1986-12-12 | 1988-06-21 | Canon Inc | System start up controller |
JPH07160641A (en) * | 1993-12-08 | 1995-06-23 | Hitachi Ltd | Information processor |
-
1999
- 1999-11-22 WO PCT/JP1999/006518 patent/WO2001039099A1/en active Application Filing
-
2002
- 2002-03-20 US US10/101,057 patent/US20020099956A1/en not_active Abandoned
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5705982A (en) * | 1996-08-01 | 1998-01-06 | North America Technitron Corporation | Intrusion detection, register and indication apparatus |
US6279113B1 (en) * | 1998-03-16 | 2001-08-21 | Internet Tools, Inc. | Dynamic signature inspection-based network intrusion detection |
US6054928A (en) * | 1998-06-04 | 2000-04-25 | Lemelson Jerome H. | Prisoner tracking and warning system and corresponding methods |
US6442692B1 (en) * | 1998-07-21 | 2002-08-27 | Arkady G. Zilberman | Security method and apparatus employing authentication by keystroke dynamics |
US6370648B1 (en) * | 1998-12-08 | 2002-04-09 | Visa International Service Association | Computer network intrusion detection |
US6256737B1 (en) * | 1999-03-09 | 2001-07-03 | Bionetrix Systems Corporation | System, method and computer program product for allowing access to enterprise resources using biometric devices |
US6405318B1 (en) * | 1999-03-12 | 2002-06-11 | Psionic Software, Inc. | Intrusion detection system |
US6895514B1 (en) * | 1999-06-25 | 2005-05-17 | Lucent Technologies Inc. | Method and apparatus for achieving secure password access |
Cited By (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9400896B2 (en) * | 2003-07-10 | 2016-07-26 | Getac Technology Corporation | Portable computer and security operating method thereof |
US20090100526A1 (en) * | 2003-07-10 | 2009-04-16 | Mitac Technology Corp. | Portable computer and security operating method thereof |
US20050071698A1 (en) * | 2003-09-30 | 2005-03-31 | Kangas Paul Daniel | Apparatus, system, and method for autonomic power adjustment in an electronic device |
US7117380B2 (en) * | 2003-09-30 | 2006-10-03 | International Business Machines Corporation | Apparatus, system, and method for autonomic power adjustment in an electronic device |
CN100397265C (en) * | 2003-09-30 | 2008-06-25 | 国际商业机器公司 | Apparatus, system, and method for autonomic power adjustment in an electronic device |
US20050278780A1 (en) * | 2004-06-12 | 2005-12-15 | Krishna Girish R | System and method for monitoring processing in a document processing peripheral |
US7665133B2 (en) | 2004-06-12 | 2010-02-16 | Toshbia Tec Kabushiki Kaisha | System and method for monitoring processing in a document processing peripheral |
US8681097B2 (en) * | 2005-04-06 | 2014-03-25 | Sony Corporation | Reproducing device, setting changing method, and setting changing device |
US20120212511A1 (en) * | 2005-04-06 | 2012-08-23 | Sony Corporation | Reproducing device, setting changing method, and setting changing device |
US10242429B2 (en) | 2005-04-06 | 2019-03-26 | Sony Corporation | Reproducing device, setting changing method, and setting changing device |
US7725946B2 (en) * | 2005-08-18 | 2010-05-25 | Fujitsu Limited | Program, system and method for authenticating permission to use a computer system and inhibiting access to an unauthorized user |
US20070044140A1 (en) * | 2005-08-18 | 2007-02-22 | Fujitsu Limited | Program, system and method for authenticating permission to use a computer system and inhibiting access to an unauthorized user |
US20170060263A1 (en) * | 2014-07-29 | 2017-03-02 | Hewlett-Packard Development Company, L.P. | Display Device |
US10416782B2 (en) * | 2014-07-29 | 2019-09-17 | Hewlett-Packard Development Company, L.P. | Display device |
Also Published As
Publication number | Publication date |
---|---|
WO2001039099A1 (en) | 2001-05-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
TWI564747B (en) | Electronic device and secure boot method | |
US7870376B2 (en) | System, method and program product for controlling access to computer system | |
US20020049881A1 (en) | Information processing apparatus, information processing apparatus control method and storage medium | |
US20030070102A1 (en) | Password changing method and computer system, and computer readable record medium storing a program therein | |
JPH09171416A (en) | Computer illegal use prevention device | |
US20050257272A1 (en) | Information processing unit having security function | |
US20020099956A1 (en) | Information processing apparatus and storage medium | |
US7085933B2 (en) | Computer system apparatus and method for improved assurance of authentication | |
US20040100148A1 (en) | Power control unit and vehicle-installed apparatus | |
US8387134B2 (en) | Information processing apparatus and method of controlling authentication process | |
US7814321B2 (en) | System and method for protecting disk drive password when BIOS causes computer to leave suspend state | |
US20050055566A1 (en) | Computer system and method for controlling the same | |
JP2004259000A (en) | Information processor | |
JPH10143443A (en) | Computer system and hard disk password control method for the same | |
US20070044140A1 (en) | Program, system and method for authenticating permission to use a computer system and inhibiting access to an unauthorized user | |
JP4123560B2 (en) | Information processing device | |
JPH09305249A (en) | Information processor and method for mounting electronic equipment on the information processor | |
JPH10177524A (en) | Information processing system | |
JP2006139811A (en) | Information processing apparatus | |
JP4857993B2 (en) | Certification program and system | |
JPH11296250A (en) | Information processing system and its docking lock controlling method | |
JP2001350536A (en) | Processor and process starting method | |
JPH0635858A (en) | Terminal equipment and its security protecting method | |
JP4256880B2 (en) | Information processing apparatus, information processing apparatus control method, and storage medium | |
JP4794618B2 (en) | Information processing apparatus, information processing apparatus control method, and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: FUJITSU LIMITED, JAPAN Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SUZUKI, TOMOYUKI;REEL/FRAME:012711/0040 Effective date: 20020311 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |